On Sat, 22 Jan 2000, scott.list wrote:
> Every user on my system got this message today. I don't see exactly how it
> was delivered, it has no to addresses.
mail doesn't need to addresses.
The thing that really matters for mail is the stuff that is passed to the
SMTP server; stuff like
telnet localhost 25
HELO microsoft.com
MAIL FROM:<[EMAIL PROTECTED]>
RCPT TO:<root@localhost>
DATA
This message has no header at all, except for the stuff generated by
the server
.
QUIT
is perfectly valid.
You could patch a mailer to filter out all messages that have different
RCPT TO:s than To: headers in the actual message, but that would
automatically shut you out from mailing lists, .forwards etc.
The sad thing is that there is no way to protect yourself from all
spam. Using the black lists (http://maps.vix.com/) helps some, but is
definitely not a perfect solution, as you will still get some spam, and
some genuine messages will be rejected.
> Return-Path: <[EMAIL PROTECTED]>
> Received: from dfg.poi (ABD4F271.ipt.aol.com [171.212.242.113])
> by mls5.mlec.net (8.9.3/8.9.3) with SMTP id BAA02555;
Only one Received: line - they used you directly as SMTP server.
I've checked your mail server; it's not open-relay, so it's not a
configuration problem. You probably can't do anything to protect yourself
against this. :/ (Well, maybe you can get aol to tell you which user was
logged in with IP 171.212.242.113 at that time, and sue them for server
abuse, but that's not exactly protection).
Guess it's about time to write and sell a "spamming tool" that advertises
it'll send mail to millions of addresses, where all of the addresses are
actually "|cat >/dev/null"@localhost. ;)
LLaP
bero
--
Anyone sending unsolicited bulk email (UBE, SPAM) to this address will be
charged a $25 handling fee plus a $5 network traffic fee per started
kilobyte. By extracting my address from this message or its header, you
agree to these terms.
Nevertheless, spammers trying to auto-extract addresses from this message
will definitely want to include [EMAIL PROTECTED] and [EMAIL PROTECTED]
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
